Wing Web Help

Oregonian Web Presence Consultant

Why It’s So Hard to Keep Up with Updates

Why it's So Hard to Keep up With Updates

Most software nowadays keeps tabs on whether or not there’s a new version of itself available and will sound off whenever it’s time to update. This usually happens at least once a month, so you probably have a really good routine all figured out for when and how to update without it being a big deal… right?

If you’re like most people in charge of small business websites, the answer ranges from “Well, no” to “Hahaha no” to running out of the room screaming.

Patch management is not a multitasker’s strong suit, and here’s why:

9 times out of 10, the update process goes swimmingly. You feel very silly for waiting until a low traffic time to update it because literally nothing happened other than the notification going away.

That 10th time is when you decide to update during the day because updating has gone off without a hitch every other time. That’s when the update messes with some important file in a way that morphs your beautiful website into a blank screen that may as well say “Look everyone, the people that run me don’t know what they’re doing!”

…Or at least that’s what it can feel like.

The point is, most of the time routine updates are just a few button clicks you need to get out of the way. It seems like a small job in that way – something you could fit in between meetings if you really needed to. But there’s also the lingering anxiety in the back of the updater’s mind… What if this is the one that breaks something? If it is, then you’ll need to troubleshoot it until it’s fixed again. That turns a simple, 30 second job into a drop-everything site outage.

How do you plan something like that in your schedule? Maybe something like…

For the next thirty seconds to three hours, I’m busy patching the website.

I have no idea how to represent that on my calendar, and I suspect I’m not alone in that.

Why not just skip updates? Sadly, the internet can be a terrifying place if you’re not careful, and most updates improve your defenses against hackers by closing software vulnerabilities.

This is especially true with WordPress. It’s open source software that powers a quarter of websites worldwide, so more eyes look through its code every day than most projects get per year. Sometimes people looking through the code report that they’ve spotted something that could be exploited… so a fix is tested and put into the next patch. A post goes out saying “be sure to patch, because if you do this exact thing then someone could get into your site!” Then anyone who hasn’t patched is running software with holes that have been metaphorically highlighted and circled a bunch of times in red ink.

Most of these vulnerabilities only make bad situations worse, but occasionally they can be used in a way that allows anyone who knows what they’re doing to wreak havoc on your website if they feel like it, and eventually someone will feel like it.

The Pitch Starts Here

This is why I include patch management in my managed hosting services. I have the time and motivation to research patches and how likely they are to break sites. I set up copies of clients’ live websites to test any major site changes, including potentially disastrous updates.

Patch management is built into my schedule as part of my routine. Once a week, I make sure the sites on my service plan have no pending updates available. If I hear about a particularly important “patch now”-style update, I implement it within 24 hours.

My schedule is flexible enough that I can address patching disasters as they happen, and even routine patches are applied at low-volume times for your website.

Long story short, I’ve been the guy in charge of managing patches on top of everything else. I know:

  • How easy it is to let patch management sit on the backburner while you deal with your regular duties
  • How much of a burden that little item on your to-do list adds.
  • What can happen if you let patches sit on the backburner too long.

…So I decided to try and help others avoid that. Please let me know if that sounds like something you could use!

Have you ever had a patching disaster when you least expected it? Share your story in a comment!

3 Types of Jobs that Shouldn’t be Outsourced

I’m definitely a fan of outsourcing. My business model kind of depends on other people liking it too!

That’s not to say that everything can be outsourced. On the contrary, I think there’s a number of jobs that shouldn’t leave the realm of employees. Here they are:

Jobs Within Your Organization’s Core Competencies

If you say you’re the best at what you do, you shouldn’t have someone outside your organization doing it for you. Here’s an example: What if you found out that I didn’t build the website you’re reading this off of? If I linked to the developer, it would basically turn my entire website into an ad for a competitor. If I didn’t, I would be lying by omission to potential clients by implying that my contractor’s skills were my own. Whew, good thing I built this thing myself!

Your business’ core competencies are the things you’re willing to invest in doing well yourself. Hiring specialists as employees will ensure they stick around and can constantly work on improving your organization’s expertise.

Jobs Where Knowing the Organization is Necessary

I like to think of myself as a decent writer, but I do everything within my power to avoid writing copy for clients.* One thing I’ve learned is that it usually takes about four times as long for an outsider to accurately portray a company/product/brand etc. than it would take for someone within the company to describe the same thing.

Even when I write content for clients, I have to make sure it gets approved by someone within the company before it goes live in case I’ve misunderstood some aspect their product or service. Long story short – You need someone inside your company to make sure what’s written about your company is accurate.

*Copy editing for SEO is another story!

Jobs That Interact with the Public on Your Behalf

I’ll make sure your Facebook page looks great and is full of helpful information, but I’m not going to write any posts for you. Both tasks deal with Facebook, but one is social media branding while the other is public relations.

Simply put, outsourcing public relations is a bad idea. Since I don’t know the organization as well as any employee would, I’m one of the least qualified people to tell people about what’s going on! Social media is also where people air their grievances and expect a response within an hour. I would do your brand a disservice, and save you no effort, if I called in any time anyone submitted a complaint. On the other hand, I could only provide vague non-answers to complaints myself if I fielded the complaints without contacting anyone.

Otherwise, it’s worth considering whether or not you really need to add someone else to your payroll just to solve a problem.

Do you have any outsourcing horror stories to share? Have you successfully outsourced any of the kinds of jobs I mentioned? Let me know in a comment!